CVE-2008-3106

Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier allows remote attackers to access URLs via unknown vectors involving processing of XML data by an untrusted (1) application or (2) applet, a different vulnerability than CVE-2008-3105.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 94%
VendorProductVersion
sunjdk
𝑥
≤ 5.0
sunjdk
𝑥
≤ 6
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjdk
5.0
sunjre
𝑥
≤ 5.0
sunjre
𝑥
≤ 6
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
sunjre
5.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
openjdk-6
karmic
Fixed 6b11-1
released
jaunty
Fixed 6b11-1
released
intrepid
Fixed 6b11-1
released
hardy
Fixed 6b11-2ubuntu2.1
released
gutsy
dne
feisty
dne
dapper
dne
sun-java5
karmic
dne
jaunty
not-affected
intrepid
not-affected
hardy
Fixed 1.5.0-22-0ubuntu0.8.04
released
gutsy
ignored
feisty
ignored
dapper
ignored
sun-java6
karmic
not-affected
jaunty
not-affected
intrepid
not-affected
hardy
Fixed 6-17-0ubuntu1.8.04
released
gutsy
ignored
feisty
ignored
dapper
dne
Common Weakness Enumeration
References
http://lists.apple.com/archives/security-announce//2008/Sep/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html
http://marc.info/?l=bugtraq&m=122331139823057&w=2
http://secunia.com/advisories/31010
http://secunia.com/advisories/31320
http://secunia.com/advisories/31497
http://secunia.com/advisories/31600
http://secunia.com/advisories/31736
http://secunia.com/advisories/32018
http://secunia.com/advisories/32179
http://secunia.com/advisories/32180
http://secunia.com/advisories/32436
http://secunia.com/advisories/33237
http://secunia.com/advisories/33238
http://secunia.com/advisories/37386
http://security.gentoo.org/glsa/glsa-200911-02.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238628-1
http://support.apple.com/kb/HT3179
http://support.avaya.com/elmodocs2/security/ASA-2008-299.htm
http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm
http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm
http://support.avaya.com/elmodocs2/security/ASA-2008-509.htm
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=751014
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=756717
http://www.redhat.com/support/errata/RHSA-2008-0594.html
http://www.redhat.com/support/errata/RHSA-2008-0790.html
http://www.redhat.com/support/errata/RHSA-2008-0906.html
http://www.redhat.com/support/errata/RHSA-2008-1044.html
http://www.redhat.com/support/errata/RHSA-2008-1045.html
http://www.securityfocus.com/archive/1/497041/100/0/threaded
http://www.securityfocus.com/bid/30143
http://www.securitytracker.com/id?1020457
http://www.us-cert.gov/cas/techalerts/TA08-193A.html
http://www.vmware.com/security/advisories/VMSA-2008-0016.html
http://www.vupen.com/english/advisories/2008/2056/references
http://www.vupen.com/english/advisories/2008/2740
https://exchange.xforce.ibmcloud.com/vulnerabilities/43658
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10866
http://lists.apple.com/archives/security-announce//2008/Sep/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00002.html
http://marc.info/?l=bugtraq&m=122331139823057&w=2
http://secunia.com/advisories/31010
http://secunia.com/advisories/31320
http://secunia.com/advisories/31497
http://secunia.com/advisories/31600
http://secunia.com/advisories/31736
http://secunia.com/advisories/32018
http://secunia.com/advisories/32179
http://secunia.com/advisories/32180
http://secunia.com/advisories/32436
http://secunia.com/advisories/33237
http://secunia.com/advisories/33238
http://secunia.com/advisories/37386
http://security.gentoo.org/glsa/glsa-200911-02.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238628-1
http://support.apple.com/kb/HT3179
http://support.avaya.com/elmodocs2/security/ASA-2008-299.htm
http://support.avaya.com/elmodocs2/security/ASA-2008-428.htm
http://support.avaya.com/elmodocs2/security/ASA-2008-507.htm
http://support.avaya.com/elmodocs2/security/ASA-2008-509.htm
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=751014
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=756717
http://www.redhat.com/support/errata/RHSA-2008-0594.html
http://www.redhat.com/support/errata/RHSA-2008-0790.html
http://www.redhat.com/support/errata/RHSA-2008-0906.html
http://www.redhat.com/support/errata/RHSA-2008-1044.html
http://www.redhat.com/support/errata/RHSA-2008-1045.html
http://www.securityfocus.com/archive/1/497041/100/0/threaded
http://www.securityfocus.com/bid/30143
http://www.securitytracker.com/id?1020457
http://www.us-cert.gov/cas/techalerts/TA08-193A.html
http://www.vmware.com/security/advisories/VMSA-2008-0016.html
http://www.vupen.com/english/advisories/2008/2056/references
http://www.vupen.com/english/advisories/2008/2740
https://exchange.xforce.ibmcloud.com/vulnerabilities/43658
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10866